0^/10/04 14:48 FAX. 5032744o?2 UARGER JOHNSON McCOLLOM^ lg]004 

CLAIMS 

1 . (Currently amended) A secure wireless local area network (LAN), comprising- 
a firewall to control access to a wired computer LAN; 
a wireless device coupled to a wireless device operator; 

an access point coupled to the wired computer LAN in communication with the 
wireless device through an air channel to authenticate the ^.dreless device without ...n. 

through the firpwi^l]; f,n^ ' ^ 

an authentication server coupled to the wired computer LAN to provide the operator 
with access to the wired LAN after authenticating the access point, the wireless device, and 
the operator without going through the firewall. 

2. (Previously presented) The secure wireless LAN of claim 1 where the access 
pomt mcludes a first authentication device to send a first authentication message to the 
wireless device, the second authentication message including validating information about 

the access point. 

3. (Previously presented) The secure wireless LAN of claim 2 where the wireless 
device mcludes a second authentication device to send a second authentication message to the 
access point, the first authentication message including validating information about the 

wireless device and the operator. 

4. (Previously presented) Hie secure wireless LAN of claim 3 where the access 
point sends the- fii^t and second authentication messages to the authentication server after 

authenticating the wireless device. 

5. (Previously presented) The secure wireless LAN of claim 3 where the first and 
second authentication devices are smart cards. 

6. (Previously presented) TTte secure wireless LAN of claim I including a control 
chamiel between the access point and the authentication server to send an authentication 
message between the access point and the authentication server, the authentication message 
mcludmg validating information about the access point, wireless device, and operator 
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7. (Original) The secure wireless LAN of claim 6 including a data channel on the 
wued LAN for sending data from the wireless device to any other device coupled to the 
wired LAN. the data channel being enabled after the authentication message is validated by 
the authentication server. 

8. (Previously presented) The secure wireless LAN of claim 6 where the 
communications between the wireless device and the access point and over the control 
channel is encrypted. 

9. (Currently amended) A secure wu^less local area network (LAN), comprising: 
a firewall means to control access to a wired computer LAN; 

a wireless means for use by a wireless device operator; 

an access means coupled to the wired computer LAN to authenticate the wireless means 
without gom^ thmngh the firewall mt-anc; 

an authentication server means coupled to the wired computer LAN to enable the 
operator's access through the wireless access means to the wired computer LAN after 
authenticating the access means, the wireless device, and the operator without going through 
the firewall means. 

10. (Previously presented) The secure wireless LAN of claim 9 where the access 
means mcludes a furst authentication means to generate, encrypt, and transmit a first 
authentication message to the wireless means, the fust authentication message including 
validatmg information about the access means. 

1 1 . (Previously presented) The secure wireless LAN of claim 10 where the 
wireless device includes a second authentication means to generate, encrypt, and transmit a 
second authentication message to the access means, the second authentication message 
mcluding validating information about the wireless device and the operator. 

12. (Previously presented) The secure wireless LAN of claim 11 where the fmrt 
authentication means transmits the first and second authentication messages to the authentication 
means after authenticating the wireless device. 
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13. (PreviousIypresented)ThesecurewirelessLANofclaim II where the first 
and second authentication means are smart cards. 



1 4. (Previously presented) The secure wireless LAN of claim 9 including a control 
channel between the access means and the authentication means to send an authentication 
message between the access means and the authentication means, the authentication message 
deluding vaUdating information about the access means, the wireless device, and the 
operator. 

1 5. (Previously presented) The secure wireless LAN of claim 13 where 
communications between the wireless device and the access means and over the control 

channel are encrypted. 

1 6. (Currently amended) A method for operating a local area network (LAN) 
comprising: 

generating a first authentication message including validating information about an 
access point connected to a wired LAN; 

transmitting the first authentication message from the access point to a wireless device 
over a wireless channel; 

validating the access point by analyzing the first authentication message without 
eomg through a firewaH Tn>.anc; 

generating a second authentication message including validating information about 
the wireless device and a wireless device operator; 

transmitting the second authentication message from the wireless device to the access 

point; 

validating the wireless device by analyzing the second authentication withouUfiina 
through the firewall m<.an«; 



transmitting the first and second authentication messages to an authentication servei 
after validating the access point and the wireless device without goino t^^»p WK. 



validating the operator, the wire!... .u. 
through th e firewall mf„n^ - and 

enabling a data chamiel between the wireless device and other devices on the wired 
LAN after validating the OEe,ator^reless device, and the access point a«**.^perate.; 
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where validatmg the access point, the wireless device, and the operator occurs at an 
authentication n,eans.v4tW^ei«^^ 

17 (Previously presented) The method of claim 16 where transmitd„g the first 

a^ent.anon message includes transmitting information about the witless devicet Z 
operator contamed in a second authentication device. 



19. 



and , . '"""'''^ ^--itting the first 

second authentication messages includes establishing a control channel betwL the 
access pomt and the authentication server. eiweenthe 

transf ^ H ^^''"'^ ^^^'^P^"^ ^o^ation 

transferred over the wireless and control channel. 
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